From start-up to scale-up, and beyond…

It wasn’t so very long ago that the FTSE 500 was a pretty predictable patch

It wasn’t so very long ago that the FTSE 500 was a pretty predictable patch. Most of the companies that made the cut had been in existence for up to 75 years, and having achieved their status they clung onto it. Newcomers were few and far between in this most exclusive of clubs.

In recent years, things have changed – a lot. Compare the list of today with the list of five years ago and it looks very different. Without making too general an observation, a lot of the companies that have fallen off the list are pretty traditional in terms of the products and services they offer, and more importantly how they offer them to customers. Those who have taken their place may not be able to compete in terms of physical locations and people, but their market value has increased exponentially due to their digital prowess. Consider that Just Eat has a higher market value than Sainsburys – the former was founded in 2000 and the latter in 1869. While I would never suggest that companies born in the 19th century cannot be digital innovators, in 17 years Just East has risen further in the ranks than a company that has been around for almost 150.

The journey from start-up to scale-up to stock market star can be a very fast one for companies that adopt a Cloud Native strategy. According to the Cloud Native Computing Foundation (CNCF) a Cloud Native strategy is about scale and resilience, but it’s also about speed, and how quickly an idea can be turned into a viable product or service that directly meets the needs of a specific target audience.

Equally as important is security – whether your goal is to hyperscale an existing product, reduce operating costs or improve margins (or all three) – the fact is that at some point your investors, customers, regulators and auditors are going to demand that you have adequate measures in place to protect the data you hold. One breach involving sensitive customer data, and it could all be over.

Returning to the example of an online food ordering and delivery service, the fundamental element of their business and primary customer interface is their app. Using the app needs to be intuitive, easy and fast, regardless of how many customers happen to be ordering takeaways of a Friday evening. And while the market is growing at a rapid rate, new challengers are entering the market on a regular basis. This company, and many others like it, simply cannot afford for their app to be out of action.

While the app needs to be built to scale, it also needs to be protected against a plethora of potential security threats. These include, but are not limited to, session hijacking and malware, API, man-in-the-middle and SQL injection attacks, DDoS and DNS spoofing.

In addition, compliance and regulatory requirements such as PCI, PSD2 and GDPR will compel every business, regardless of size, to address fundamental security practices across the organisation.

So what is the lesson here? IT security should be a priority for every organisation, but for the digitally-driven start-up it is essential for the business to function. While scale and resilience are important for expansion into new markets and customer acquisition, they must go hand-in-hand with a robust and comprehensive security fabric.

The good news? Disruptive businesses that operate in the Cloud are in the fortunate position of being able to build security in from the very start. Whether the DevOps team is working on a new API or the Board has decided to expand into APAC, securing the infrastructure and interfaces is on the table from the beginning. This not only saves time and money - retrospective security solutions added after the fact are inevitably going to be more expensive – but it will also protect brand reputation and market value in the long-run. For those on the start-up to scale-up path, that alone should be motivation enough.